Query module CgiXss

name
CGI script vulnerable to cross-site scripting
description
Writing user input directly to a web page allows for a cross-site scripting vulnerability.
kind
problem
problem.severity
error
precision
high
id
cpp/cgi-xss
tags
security external/cwe/cwe-079

Imports

Environment

Reading from the environment, for example with ‘getenv’.

TaintTracking
cpp

Provides classes and predicates for working with C/C++/ObjC/ObjC++ code.

Classes

PrintStdoutCall

A call that prints its arguments to stdout.

QueryString

A read of the QUERY_STRING environment variable